underground

Pierluigi Paganini March 20, 2014
Fraudulent infrastructure behind 5M harvested Russian phone numbers service

Danchev profiling a service which proposes more than 5M harvested mobile phone numbers has discovered a fraudulent architecture used for illicit purposes. Cybercrime has targeted mobile industry more than ever, the number of attacks is on the rise and the proposal in the underground of tools and services for mobile market is rapidly growing. The […]

Pierluigi Paganini March 20, 2014
FireEye discovered Android spying components in Winspy RAT

FireEye experts investigating on a spear-phishing campaign on an US-based financial institution discovered that common WinSpy RAT was adapted to hit Android devices. FireEye Security Researchers have recently identified a new variant of Winspy RAT that can infect users’ PC and also their Android Devices during synchronization operations. We have a long discussed about the increment for […]

Pierluigi Paganini March 17, 2014
Bitcoin stealer malware disguised as application to access MtGox DB

The MtGox data leaked by the popular exchange was invented by hackers to infect a large audience with a Bitcoin stealer malware. Last month the biggest MtGox exchange filed for bankruptcy after it lost nearly 850,000 Bitcoins, it is a fraud, according an unknown hacker who breached into the personal blog and Reddit account of MtGox CEO, Mark Karpeles. As usual […]

Pierluigi Paganini March 12, 2014
162,000 WordPress instances abused for DDoS attack

Sucuri firm detected a large DDOS attack that leveraged thousands of unsuspecting WordPress websites as indirect amplification vectors. The security community is threatened by a new botnet composed at least 162,000 WordPress-powered websites abused to run DDoS attacks. The technique of attack allows to flood a target with requests sent by WordPress servers that received a […]

Pierluigi Paganini March 10, 2014
Anonymous hackers hacked MtGox CEO publishing evidence of fraud

A group of anonymous hackers violated the personal blog and Reddit account of the MtGox CEO Mark Karpeles on Sunday. They claim to publish evidence of fraud. Bitcoin community was shocked by recent MtGox data breach, the Bitcoin exchange shuts down after it had announced to have suffered technical issues that forced the exchange to suspend […]

Pierluigi Paganini March 09, 2014
DNS amplification botnet available in the underground

Security expert Dancho Danchev profiled a recently released DNS amplification DDoS service available for sale in the underground. Recently the cyber security expert Dancho Danchev profiled new DNS amplification DDoS bot available in the underground, a privileged attack tool for the criminal ecosystem. DDoS attacks observed last year were characterized by an increased magnitude because attackers adopted new techniques […]

Pierluigi Paganini March 07, 2014
Dendroid – A new Android RAT available on the underground

Symantec discovered a new HTTP Android Remote administration tool, named Dendroid, available on the underground market for only $300. Symantec researchers have discovered a new android malware toolkit dubbed Dendroid, early 2014 the company also detected AndroRAT, an Android Remote admin tool which is believed to be the first malware APK binder. Thanks to the diffusion of the Google […]

Pierluigi Paganini March 06, 2014
Trend Micro report on Chinese Mobile Underground Market

This report provides a brief overview of some basic underground activities in the mobile space in China, describing products and services. Security firm Trend Micro issued an interesting report on Chinese cybercrime which is increasingly targeting mobile platforms thanks to a vast underground offer of services and tools. Trend Micro Mobile Cybercriminal Underground Market report analyzes […]

Pierluigi Paganini March 01, 2014
More than 360 million stolen credentials available on the black market

Hold Security firm discovered more than 360 million newly stolen credentials and around 1.25 billion email addresses available for sale on the black market. The Hold Security firm has discovered a huge volume of data for sale on the online black market, it includes credentials from more than 360 million accounts and around 1.25 billion email addresses. […]

Pierluigi Paganini February 25, 2014
Largest Bitcoin exchange MtGox shut down, earthquake in the Bitcoin industry

Largest Bitcoin exchange MtGox shut down after it had announced to have suffered technical issues that forced the exchange to suspend withdrawals for a week. The world’s largest Bitcoin exchange MtGox has shut down its website, suspending any activities, the news is that to be frightening, a real earthquake that raises a series of reflections […]